By 
NDPC launches sector-wide investigation.
The Nigeria Data Protection Commission (NDPC) has launched a sector-wide probe targeting 1,369 indigenous firms accused of violating the Nigeria Data Protection Act (NDPA) 2023.
RELATED: In 2024, NDPC must apply the stick and strengthen a national privacy culture
The probe covers sensitive industries including banking, insurance, pensions, gaming, and insurance brokerage, with 795 financial institutions among those flagged.
21 Days to Prove Compliance
According to Babatunde Bamigboye, Head of Legal, Enforcement and Regulations at NDPC, affected companies must provide compliance evidence within 21 days or face sanctions.
The list includes 392 insurance broker firms, 35 insurance companies, 10 pension companies, and 136 gaming companies.
Previous Data Protection Sanctions
This development follows NDPC’s ₦766.2 million fine against Multichoice Nigeria for breaches involving subscriber data and cross-border data transfers.
Earlier in 2024, the Commission investigated alleged data protection infractions by MTN’s MoMo Payment Service Bank, Guaranty Trust Bank (GTB), Fidelity Bank, and Meta (Facebook).
Safeguarding Data Privacy in Nigeria’s Digital Economy
Bamigboye emphasized that responsible data use is vital for Nigeria’s trusted participation in regional and global markets.
The NDPC has directed firms to:
- File 2024 NDPA compliance audit returns
- Appoint a Data Protection Officer (DPO) with full contact details
- Provide a summary of technical and organizational measures for data protection
- Confirm registration as a data controller or processor of major importance
